IPv4 over IPv6简介

在IPv4 Internet向IPv6 Internet过渡的后期，IPv6网络已被大量部署，此时可能出现IPv4孤岛。利用隧道技术可在IPv6网络上创建隧道，从而实现IPv4孤岛的互连。这类似于在IP网络上利用隧道技术部署VPN。在IPv6网络上用于连接IPv4孤岛的隧道，称为IPv4 over IPv6隧道。

图1 IPv4 over IPv6 隧道原理

IPv4 over IPv6 隧道技术的原理如图1所示：

边界设备启动IPv4/IPv6双协议栈，并配置IPv4 over IPv6隧道。
边界设备在收到从IPv4网络侧发来的报文后，如果报文的目的地址不是自身，就要把收到的IPv4报文作为负载，加上IPv6报文头，封装到IPv6报文里。
在IPv6网络中，封装后的报文被传递到对端的边界设备。
对端边界设备对报文解封装，去掉IPv6报文头，然后将解封装后的IPv4报文发送到IPv4网络。

配置IPv6 over IPv4 GRE隧道示例

组网需求

如上图，两个IPv6网络分别通过SwitchA和SwitchC与IPv4公网中的SwitchB连接，客户希望两个IPv6网络中的PC1和PC2实现互通。

其中PC1和PC2上分别指定SwitchA和SwitchC为自己的缺省网关。

配置思路

要实现IPv6协议中的PC1和PC2通过IPv4公网互通。需要在SwitchA和SwitchC之间建立直连链路，部署GRE隧道，通过静态路由指定到达对端的报文通过Tunnel接口转发，PC1和PC2就可以互相通信了。

配置GRE隧道实现IPv6协议互通的思路如下：

配置物理接口的IP地址，并配置IPv4静态路由，实现设备可以通过IPv4网络通信。
在SwitchA和SwitchC上创建Tunnel接口，创建GRE隧道，并在SwitchA和SwitchC上配置经过Tunnel接口的IPv6静态路由，使PC1和PC2之间的流量通过GRE隧道传输，实现PC1和PC2互通。

操作步骤

配置各物理接口的IP地址

# 配置SwitchA。

<HUAWEI> system-view
[HUAWEI] sysname SwitchA
[SwitchA] vlan batch 10 30
[SwitchA] interface gigabitethernet 0/0/1
[SwitchA-GigabitEthernet0/0/1] port link-type trunk
[SwitchA-GigabitEthernet0/0/1] port trunk allow-pass vlan 10
[SwitchA-GigabitEthernet0/0/1] quit
[SwitchA] interface gigabitethernet 0/0/2
[SwitchA-GigabitEthernet0/0/2] port link-type access
[SwitchA-GigabitEthernet0/0/2] port default vlan 30
[SwitchA-GigabitEthernet0/0/2] quit
[SwitchA] interface vlanif 10
[SwitchA-Vlanif10] ip address 20.1.1.1 24
[SwitchA-Vlanif10] quit
[SwitchA] ipv6
[SwitchA] interface vlanif 30
[SwitchA-Vlanif30] ipv6 enable
[SwitchA-Vlanif30] ipv6 address fc00:1::1 64
[SwitchA-Vlanif30] quit

# 配置SwitchB。

<HUAWEI> system-view
[HUAWEI] sysname SwitchB
[SwitchB] vlan batch 10 20
[SwitchB] interface gigabitethernet 0/0/1
[SwitchB-GigabitEthernet0/0/1] port link-type trunk
[SwitchB-GigabitEthernet0/0/1] port trunk allow-pass vlan 10
[SwitchB-GigabitEthernet0/0/1] quit
[SwitchB] interface gigabitethernet 0/0/2
[SwitchB-GigabitEthernet0/0/2] port link-type trunk
[SwitchB-GigabitEthernet0/0/2] port trunk allow-pass vlan 20
[SwitchB-GigabitEthernet0/0/2] quit
[SwitchB] interface vlanif 10
[SwitchB-Vlanif10] ip address 20.1.1.2 24
[SwitchB-Vlanif10] quit
[SwitchB] interface vlanif 20
[SwitchB-Vlanif20] ip address 30.1.1.1 24
[SwitchB-Vlanif20] quit

# 配置SwitchC。

<HUAWEI> system-view
[HUAWEI] sysname SwitchC
[SwitchC] vlan batch 20 30
[SwitchC] interface gigabitethernet 0/0/1
[SwitchC-GigabitEthernet0/0/1] port link-type trunk
[SwitchC-GigabitEthernet0/0/1] port trunk allow-pass vlan 20
[SwitchC-GigabitEthernet0/0/1] quit
[SwitchC] interface gigabitethernet 0/0/2
[SwitchC-GigabitEthernet0/0/2] port link-type access
[SwitchC-GigabitEthernet0/0/2] port default vlan 30
[SwitchC-GigabitEthernet0/0/2] quit
[SwitchC] interface vlanif 20
[SwitchC-Vlanif20] ip address 30.1.1.2 24
[SwitchC-Vlanif20] quit
[SwitchC] ipv6
[SwitchC] interface vlanif 30
[SwitchC-Vlanif30] ipv6 enable
[SwitchC-Vlanif30] ipv6 address fc00:2::1 64
[SwitchC-Vlanif30] quit

配置业务环回聚合接口

# 配置SwitchA。

[SwitchA] interface eth-trunk 1
[SwitchA-Eth-Trunk1] service type tunnel
[SwitchA-Eth-Trunk1] quit
[SwitchA] interface gigabitethernet 0/0/3
[SwitchA-GigabitEthernet0/0/3] eth-trunk 1
[SwitchA-GigabitEthernet0/0/3] quit

# 配置SwitchC。

[SwitchC] interface eth-trunk 1
[SwitchC-Eth-Trunk1] service type tunnel
[SwitchC-Eth-Trunk1] quit
[SwitchC] interface gigabitethernet 0/0/3
[SwitchC-GigabitEthernet0/0/3] eth-trunk 1
[SwitchC-GigabitEthernet0/0/3] quit

配置IPv4静态路由

# 配置SwitchA。

[SwitchA] ip route-static 30.1.1.0 255.255.255.0 20.1.1.2

# 配置SwitchC。

[SwitchC] ip route-static 20.1.1.0 255.255.255.0 30.1.1.1

配置Tunnel接口

# 配置SwitchA。

[SwitchA] interface tunnel 1
[SwitchA-Tunnel1] tunnel-protocol gre
[SwitchA-Tunnel1] ipv6 enable
[SwitchA-Tunnel1] ipv6 address 2001:db8:1::1 64
[SwitchA-Tunnel1] eth-trunk 1
[SwitchA-Tunnel1] source 20.1.1.1
[SwitchA-Tunnel1] destination 30.1.1.2
[SwitchA-Tunnel1] quit

# 配置SwitchC。

[SwitchC] interface tunnel 1
[SwitchC-Tunnel1] tunnel-protocol gre
[SwitchC-Tunnel1] ipv6 enable
[SwitchC-Tunnel1] ipv6 address 2001:db8:1::2 64
[SwitchC-Tunnel1] eth-trunk 1
[SwitchC-Tunnel1] source 30.1.1.2
[SwitchC-Tunnel1] destination 20.1.1.1
[SwitchC-Tunnel1] quit

配置Tunnel的静态路由

# 配置SwitchA。

[SwitchA] ipv6 route-static fc00:2:: 64 tunnel 1

# 配置SwitchC。

[SwitchC] ipv6 route-static fc00:1:: 64 tunnel 1

检查配置结果

# 在SwitchC上Ping SwitchA的IPv4地址，可收到返回的报文。

[SwitchC] ping 20.1.1.1PING 20.1.1.1: 56  data bytes, press CTRL_C to breakReply from 20.1.1.1: bytes=56 Sequence=1 ttl=254 time=84 msReply from 20.1.1.1: bytes=56 Sequence=2 ttl=254 time=27 msReply from 20.1.1.1: bytes=56 Sequence=3 ttl=254 time=25 msReply from 20.1.1.1: bytes=56 Sequence=4 ttl=254 time=3 msReply from 20.1.1.1: bytes=56 Sequence=5 ttl=254 time=24 ms--- 20.1.1.1 ping statistics ---5 packet(s) transmitted5 packet(s) received0.00% packet lossround-trip min/avg/max = 3/32/84 ms

# 在SwitchC上Ping SwitchA的IPv6地址，可收到返回的报文。

[SwitchC] ping ipv6 fc00:1::1PING fc00:1::1 : 56  data bytes, press CTRL_C to breakReply from FC00:1::1bytes=56 Sequence=1 hop limit=64  time = 28 msReply from FC00:1::1bytes=56 Sequence=2 hop limit=64  time = 27 msReply from FC00:1::1bytes=56 Sequence=3 hop limit=64  time = 26 msReply from FC00:1::1bytes=56 Sequence=4 hop limit=64  time = 27 msReply from FC00:1::1bytes=56 Sequence=5 hop limit=64  time = 26 ms--- fc00:1::1 ping statistics ---5 packet(s) transmitted5 packet(s) received0.00% packet loss
round-trip min/avg/max = 26/26/28 ms

配置文件

SwitchA的配置文件

#
sysname SwitchA
#    
ipv6      
#  
vlan batch 10 30
#
interface Vlanif10ip address 20.1.1.1 255.255.255.0
#
interface Vlanif30ipv6 enableipv6 address FC00:1::1/64
#
interface Eth-Trunk1  service type tunnel
#
interface GigabitEthernet0/0/1port link-type trunkport trunk allow-pass vlan 10
#
interface GigabitEthernet0/0/2port link-type accessport default vlan 30
#
interface GigabitEthernet0/0/3eth-trunk 1 
#
interface Tunnel1ipv6 enableipv6 address 2001:db8:1::1/64tunnel-protocol gresource 20.1.1.1destination 30.1.1.2eth-trunk 1
#
ip route-static 30.1.1.0 255.255.255.0 20.1.1.2
#                                                                               
ipv6 route-static FC00:2:: 64 Tunnel1 
#
return

SwitchB的配置文件

#
sysname SwitchB
#
vlan batch 10 20
#
interface Vlanif10ip address 20.1.1.2 255.255.255.0
#
interface Vlanif20ip address 30.1.1.1 255.255.255.0
#
interface GigabitEthernet0/0/1port link-type trunkport trunk allow-pass vlan 10
#
interface GigabitEthernet0/0/2port link-type trunkport trunk allow-pass vlan 20
#
return

SwitchC的配置文件

#
sysname SwitchC
#    
ipv6     
#
vlan batch 20 30
#
interface Vlanif20ip address 30.1.1.2 255.255.255.0
#
interface Vlanif30ipv6 enableipv6 address FC00:2::1/64
#
interface Eth-Trunk1  service type tunnel
#
interface GigabitEthernet0/0/1port link-type trunkport trunk allow-pass vlan 20
#
interface GigabitEthernet0/0/2port link-type accessport default vlan 30
#
interface GigabitEthernet0/0/3eth-trunk 1 
#
interface Tunnel1ipv6 enableipv6 address 2001:db8:1::2/64tunnel-protocol gresource 30.1.1.2destination 20.1.1.1eth-trunk 1
#
ip route-static 20.1.1.0 255.255.255.0 30.1.1.1
#                                                                               
ipv6 route-static FC00:1:: 64 Tunnel1 
#
return

周工这里还有很多实验：关注+点赞+发送私信“题库”领取